Improper Neutralization of Input During Web Page Generation in IPython

Cross-site scripting XSS vulnerability in IPython before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/notebooks path...

GHSA-7W89-QQXX-C62R Cross-site Scripting in Jenkins Build Failure Analyzer plugin

Cross-site scripting XSS vulnerability in the Build Failure Analyzer plugin before 1.16.0 in Jenkins allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter...

Kallithea cross-site scripting (XSS) vulnerability

Multiple cross-site scripting XSS vulnerabilities in the administration pages in Kallithea before 0.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 first name or 2 last name user details, or the 3 repository, 4 repository group, or 5 user group description...

GHSA-4C5W-QQFG-GRF3 Symphony CMS XSS Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in content/content.systempreferences.php in Symphony CMS before 2.6.4 allow remote attackers to inject arbitrary web script or HTML via the 1 emailsendmailfromname, 2 emailsendmailfromaddress, 3 emailsmtpfromname, 4 emailsmtpfromaddress, 5...

GHSA-GVC8-XJFP-6569 Silverstripe CMS XSS Vulnerability

Multiple cross-site scripting XSS vulnerabilities in SilverStripe CMS & Framework before 3.1.16 and 3.2.0 before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 Locale or 2 FailedLoginCount parameter to admin/security/EditForm/field/Members/item/new/ItemEditForm...

GHSA-MX5G-3VXH-RGM8 Moodle vulnerable to XSS via bundled spikephpcoverage library

Cross-site scripting XSS vulnerability in the Spike PHPCoverage aka spikephpcoverage library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Moodle vulnerable to XSS via bundled spikephpcoverage library

Cross-site scripting XSS vulnerability in the Spike PHPCoverage aka spikephpcoverage library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

GHSA-45CH-HXGR-VX8J phpCAS client library and Moodle Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in the phpCAS client library before 1.1.0, as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an error message...

GHSA-6656-6QWX-4C2M Moodle XSS In Tag Autocomplete functionality

Cross-site scripting XSS vulnerability in the tag autocomplete functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

phpCAS client library and Moodle Cross-site Scripting vulnerability

Cross-site scripting XSS vulnerability in the phpCAS client library before 1.1.0, as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an error message...

Moodle vulnerable to Cross-site Scripting

Cross-site scripting XSS vulnerability in the fixnonstandardentities function in the KSES HTML text cleaning library weblib.php, as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via crafted HTML entities...

Moodle Multiple cross-site scripting (XSS) vulnerabilities in the File Picker module

Multiple cross-site scripting XSS vulnerabilities in the File Picker module in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted filename...

GHSA-75C6-XQWR-V2R9 Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the quizquestiontostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question...

Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the quizquestiontostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question...

GHSA-J6C3-3C4W-QV8P Moodle cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by 1 providing a crafted playerId or 2 referencing a...

GHSA-6922-5V25-P8JG Moodle multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the SCORM module in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allow remote attackers to inject arbitrary web script or HTML via a crafted organization name to 1 mod/scorm/player.php or 2...

GHSA-GRVW-QQ2J-R898 Moodle multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey...

Moodle multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey...

Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in group/overview.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to inject arbitrary web script or HTML via a modified grouping description...